mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
48b60eb6c9
qemu/hw/rdma
History
Yuval Shaia a2efa1fac4 hw/pvrdma: Protect against buggy or malicious guest driver 
Guest driver might execute HW commands when shared buffers are not yet
allocated.
This could happen on purpose (malicious guest) or because of some other
guest/host address mapping error.
We need to protect againts such case.

Fixes: CVE-2022-1050

Reported-by: Raven <wxhusst@gmail.com>
Signed-off-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Message-Id: <20220403095234.2210-1-yuval.shaia.ml@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
(cherry picked from commit 31c4b6fb02)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2023-03-30 12:19:04 +03:00
..
vmw hw/pvrdma: Protect against buggy or malicious guest driver 2023-03-30 12:19:04 +03:00
Kconfig kconfig: add dependencies on CONFIG_MSI_NONBROKEN 2019-03-18 09:39:57 +01:00
meson.build meson: convert hw/rdma 2020-08-21 06:30:29 -04:00
rdma_backend_defs.h hw/rdma: Replace QList by GQueue 2020-12-19 10:38:43 +01:00
rdma_backend.c hw/rdma: Replace QList by GQueue 2020-12-19 10:38:43 +01:00
rdma_backend.h hw/rdma: Skip data-path mr_id translation 2020-03-21 19:16:38 +02:00
rdma_rm_defs.h hw/rdma: Modify create/destroy QP to support SRQ 2019-05-04 15:55:56 +03:00
rdma_rm.c qapi: introduce x-query-rdma QMP command 2021-11-02 15:55:14 +00:00
rdma_rm.h qapi: introduce x-query-rdma QMP command 2021-11-02 15:55:14 +00:00
rdma_utils.c hw/dma: Use dma_addr_t type definition when relevant 2022-01-18 12:56:29 +01:00
rdma_utils.h hw/rdma/rdma_utils: Rename rdma_pci_dma_map 'len' argument 2022-01-18 12:56:07 +01:00
rdma.c {hmp, hw/pvrdma}: Expose device internals via monitor interface 2019-03-16 15:52:44 +02:00
trace-events hw/dma: Fix format string issues using dma_addr_t 2022-01-18 12:56:29 +01:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00